From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] redirect to TLS WebUI if authorisation required Date: Wed, 11 Oct 2017 11:15:14 +0100 Message-ID: <1507716914.4045.57.camel@ipfire.org> In-Reply-To: <20171010153559.5cc9b402.peter.mueller@link38.eu> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8633758305821621447==" List-Id: --===============8633758305821621447== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, I get the following message from Git: [root(a)rice-oxley ipfire-2.x]# pwclient git-am -s 1450 = =20 Applying patch #1450 using 'git am -s' =20 Description: redirect to TLS WebUI if authorisation required = =20 Applying: redirect to TLS WebUI if authorisation required = =20 error: corrupt patch at line 41 =20 Patch failed at 0001 redirect to TLS WebUI if authorisation required = =20 The copy of the patch that failed is found in: .git/rebase-apply/patch = =20 When you have resolved this problem, run "git am --continue". = =20 If you prefer to skip this patch, run "git am --skip" instead. = =20 To restore the original branch and stop patching, run "git am --abort". = =20 'git am' failed with exit status 128 =20 Any idea why it might be corrupted? -Michael On Tue, 2017-10-10 at 15:35 +0200, Peter M=C3=BCller wrote: > Do not allow credentials being submitted in plaintext to Apache. > Instead, redirect the user with a 301 to the TLS version of IPFire's > web interface. >=20 > Signed-off-by: Peter M=C3=BCller > --- > diff --git a/config/httpd/vhosts.d/ipfire-interface.conf > b/config/httpd/vhosts.d/ipfire-interface.conf > index 619f90fcc..41d10c874 100644 > --- a/config/httpd/vhosts.d/ipfire-interface.conf > +++ b/config/httpd/vhosts.d/ipfire-interface.conf > @@ -12,36 +12,17 @@ > Require all granted > > > - AuthName "IPFire - Restricted" > - AuthType Basic > - AuthUserFile /var/ipfire/auth/users > - Require user admin > + Options SymLinksIfOwnerMatch > + RewriteEngine on > + RewriteCond %{HTTPS} off > + RewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=3D301,L] > > ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/ > > - AllowOverride None > - Options None > - AuthName "IPFire - Restricted" > - AuthType Basic > - AuthUserFile /var/ipfire/auth/users > - Require user admin > - > - Require all granted > - > - > - Require all granted > - > - > + Options SymLinksIfOwnerMatch > + RewriteEngine on > + RewriteCond %{HTTPS} off > + RewriteRule (.*) https://%{SERVER_NAME}:444/$1 [R=3D301,L] > > Alias /updatecache/ /var/updatecache/ > --===============8633758305821621447== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSXpCQUFCQ2dBZEZpRUU1L3JXNWwzR0dl Mnlwa3R4Z0hudy8yK1FDUWNGQWxuZDd6TUFDZ2tRZ0hudy8yK1EKQ1FkS1pSQUFxNmlaSTZ4UFVn MDc3ZHNPaUV5Y0hDR0kxUjIyUmVaZXN1TFVBWTJZR1EwUmxQMVFRWkxiNjlmbgozMElhVUgwMlJS dWw3Vy9jajVZN0kreXBhSkZrZ0VyU3hRODVVZThOQWpQSTRLbFVJY2xmOHBPTnlwTjYxSnRNCi9I VTFha3lxSVhxM0xGRnZVWUo1SFQycExCMEs5K0RyMlJyMVdlSXYzR0EzRlBQRXphazArMWo3dGdu UTN3ZGsKUEZzNlRkckVpcFNVZnRSSGNJN2tuZUtpU2hjcVVkK0JQNWU4akYxWTJkZGdpbEpGUVdh SFRWWnFwajFseWJhNgpaeHh6VjM3K3hTRVJ6c3EwTThnNnUzdnNPZXM1c20rYUtWN2VuMmEySE5I SlhSRThIZ1JVbHNIS1dyUDRyT29LCjZ3bVh1TkJKS0VldnhRR09pZ1NRcFJMT1hVa05HaTMvcCtj dFZ2TW8velExUW9MN01QRjdWUThoOElJK21FT28KbkI4eWpoYTEvLzZUc0t5bE8zSCsvQ3FzdDFQ Z0R1UVBQazJhaEc5TW9rdXg4M2x0VWxZMGxJK2xpTDR1RGtZTAp5aEQxbk5LbGd1M284eWUvdDE3 MVZXMGk5SVBTUnRSMkVITmFiY1ZIK1BjVk0xWFJSWWY5bWVvY00wWGpicDN2CnU4cFQ3Y1lLOCt4 aVo1K3RBL1BIYmwzNGdCMUdZNkVPRkV1a2Exd28rVjY1T2Z5bFV3VVJMWGFZdEFMTFhJWDMKbnZs RDM1MnB4N0Q0eXFyQmRnMXZpc2d1K2IxMUkwOTdCT2Z0Q2orRXZ1YndXZXBNOXBtS2p3RDNPSFRu aUJwVAowb2R6UzRab25RWU81L0UrQ3BQem9pZjRucjhUKzlKcGVwNEp5eXhRdVNTNFJmL1JqcHc9 Cj1BdGU4Ci0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo= --===============8633758305821621447==--